Esempio n. 1
0
    def render(self, context):
        request = context['request']
        category = self.category.resolve(context)
        try:
            categories = map(int, category.split(','))
        except:
            context[self.var_name] = []
            return ''

        allowed_objects = get_allowed_objects(
            request.user, ArticleCategory, 'reader')
        categories = [ c for c in categories if c in allowed_objects]
        if categories:
            categories = ArticleCategory.objects.filter(pk__in=categories)
            mao = get_allowed_objects(
                request.user, ArticleCategory, 'reader')

            stories = ArticleStory.objects.select_related().filter(
                categories__in=categories).distinct().order_by('-time_updated')[:int(self.limit)]
            for story in stories:
                story.current_categories = story.categories.all()
                story.current_category = story.current_categories[0]
                story.url = reverse('view_story', args=[story.current_category.pk, story.pk, story.slug])
                intersect = set(mao).intersection( set([category.pk for category in story.current_categories]))
                if intersect:
                    story.edit__url = reverse('edit_story', args=[story.pk])
        else:
            stories = []
        context[self.var_name] = stories
        return ''
Esempio n. 2
0
def auto_completion_search_members(context, input_suggest):
    """
    Render an auto completion to search users.

    Override ``account/ac_search_users.html`` if you want to change the
    design.
    """
    request = context['request']
    input_suggest = input_suggest

    data = []
    ao = set([])
    ao_member = get_allowed_objects(request.user, Community, 'member')
    ao = ao.union(set(ao_member))
    ao_manage = get_allowed_objects(request.user, Community, 'manage')
    ao = ao.union(set(ao_manage))

    communities = Community.objects.filter(id__in=ao).order_by('name')
    objects = set([])
    for com in communities:
        objects = objects.union(set(get_acl_by_object(com, 'member')))
        objects = objects.union(set(get_acl_by_object(com, 'manage')))
        data.append([com.name, ("g-%s" % str(com.id))])

    data.extend([("%s %s" % (x.last_name, x.first_name), ("u-%s" % str(x.id)))
                for x in objects])
    members_data = simplejson.dumps(data)
    return locals()
Esempio n. 3
0
def auto_completion_search_members(context, input_suggest):
    """
    Render an auto completion to search users.

    Override ``account/ac_search_users.html`` if you want to change the
    design.
    """
    request = context['request']
    input_suggest = input_suggest

    data = []
    ao = set([])
    ao_member = get_allowed_objects(request.user, Community, 'member')
    ao = ao.union(set(ao_member))
    ao_manage = get_allowed_objects(request.user, Community, 'manage')
    ao = ao.union(set(ao_manage))

    communities = Community.objects.filter(id__in=ao).order_by('name')
    objects = set([])
    for com in communities:
        objects = objects.union(set(get_acl_by_object(com, 'member')))
        objects = objects.union(set(get_acl_by_object(com, 'manage')))
        data.append([com.name, ("g-%s" % str(com.id))])

    data.extend([("%s %s" % (x.last_name, x.first_name), ("u-%s" % str(x.id)))
                 for x in objects])
    members_data = simplejson.dumps(data)
    return locals()
Esempio n. 4
0
def get_menu_children(request, menu):
    ao_articles = get_allowed_objects(request.user, ArticleCategory, 'reader')
    ao_faqs = get_allowed_objects(request.user, Faq, 'reader')
    ao_forms_sub = get_allowed_objects(request.user, FormsForm, 'creator')
    ao_forms_list = get_allowed_objects(request.user, FormsForm, 'viewer')
    ct_articles = ContentType.objects.get(model='articlecategory')
    ct_faqs = ContentType.objects.get(model='faq')
    ct_forms = ContentType.objects.get(model='formsform')
    children = menu.get_children().filter(
        Q(object_id__in=ao_articles, content_type=ct_articles)
        | Q(object_id__in=ao_faqs, content_type=ct_faqs)
        | Q(object_id__in=ao_forms_sub, content_type=ct_forms)
        | Q(object_id__in=ao_forms_list, content_type=ct_forms)
        | Q(object_id__isnull=True))
    for child in children:
        if child.object_id and child.content_type == ct_articles:
            child.url = child.content_object.get_url_path()
        elif child.object_id and child.content_type == ct_faqs:
            child.url = child.content_object.get_url_path()
        elif child.object_id and child.content_type == ct_forms:
            if child.extra_info == 'submission':
                child.url = child.content_object.get_url_path()
            else:
                child.url = child.content_object.get_url_browse_path()
    return children
Esempio n. 5
0
def dirlist_shared(request):
    r = ['<ul class="jqueryFileTree" style="display: none;">']
    category = request.GET.get('dir', '')
    ob = get_allowed_objects(request.user, ZornaNoteCategory, 'viewer')
    try:
        category = category.rstrip('/')
        c = category.split('/')
        category = ZornaNoteCategory.objects.get(pk=int(c[-1]))
    except:
        category = None

    if category:
        ob_list = ZornaNoteCategory.objects.filter(pk__in=ob, parent=category)
        pcat = "%s/" % category.pk
    else:
        ob_list = ZornaNoteCategory.objects.filter(pk__in=ob,
                                                   parent__isnull=True)
        pcat = ''

    for cat in ob_list:
        r.append(
            '<li class="directory collapsed"><a href="#" id="%s" rel="%s%s/">%s</a></li>'
            % (cat.pk, pcat, cat.pk, cat.name))
    r.append('</ul>')
    return HttpResponse(''.join(r))
Esempio n. 6
0
File: views.py Progetto: kamni/zorna
def manager_list_faqs(request):
    aom = get_allowed_objects(request.user, Faq, "manager")
    aoc = get_allowed_objects(request.user, Faq, "reader")
    allowed_objects = list(set(aom) | set(aoc))
    if len(allowed_objects) == 0:
        return HttpResponseRedirect("/")
    ob_list = Faq.objects.filter(pk__in=allowed_objects)
    for ob in ob_list:
        if ob.pk in aom:
            ob.manager = True
        else:
            ob.manager = False
    extra_context = {}
    extra_context["faq_list"] = ob_list
    context = RequestContext(request)
    return render_to_response("faq/manager_list_faqs.html", extra_context, context_instance=context)
Esempio n. 7
0
def view_story(request, category, story, slug):
    allowed_objects = get_allowed_objects(
        request.user, ArticleCategory, 'reader')
    category = int(category)
    if category in allowed_objects:
        category = ArticleCategory.objects.get(pk=category)
        try:
            story = ArticleStory.objects.get(pk=story, categories=category)
        except ArticleStory.DoesNotExist:
            return HttpResponseForbidden()
        story.edit_url = story.get_edit_url(request.user)
        extra_context = {}
        extra_context['ancestors'] = category.get_ancestors()
        extra_context['category'] = category
        extra_context['story'] = story
        extra_context['story_comments'] = ArticleComments.objects.filter(
            article=story)
        extra_context['zorna_title_page'] = story.title
        try:
            avatar_user = UserAvatar.objects.get(user=story.owner)
        except UserAvatar.DoesNotExist:
            avatar_user = None
        extra_context['avatar_user'] = avatar_user
        extra_context['recent_stories'] = ArticleStory.objects.filter(
            owner=story.owner, categories__in=allowed_objects).distinct().exclude(pk=story.pk).order_by('-time_created')[0:10]
        for s in extra_context['recent_stories']:
            s.category = s.categories.all()[0]
        context = RequestContext(request)
        return render_to_response(['story_%s.html' % category.slug, 'story_default.html', 'articles/story_default.html'], extra_context, context_instance=context)
    else:
        return HttpResponseRedirect('/')
Esempio n. 8
0
def pages_item_menu(context, category, permission, template='pages_item_menu.html'):
    request = context['request']
    allowed_objects = get_allowed_objects(
        request.user, ArticleCategory, permission)
    children = category.get_children().filter(id__in=allowed_objects)
    for cat in children:
        cat.url = cat.get_url_path()
    return {'template': template, 'children': children, 'category': category, 'request': request}
Esempio n. 9
0
 def render(self, context):
     object = self.object.resolve(context)
     request = context['request']
     allowed_objects = get_allowed_objects(
         request.user, ArticleCategory, 'reader')
     context[self.var_name] = object.get_ancestors().filter(
         id__in=allowed_objects)
     return ''
Esempio n. 10
0
File: api.py Progetto: somair/zorna
def is_user_community_manager(user, community_id=0):
    allowed_objects = get_allowed_objects(user, Community, 'manage')
    if community_id == 0:
        return len(allowed_objects) != 0
    elif community_id in allowed_objects:
        return True
    else:
        return False
Esempio n. 11
0
File: api.py Progetto: somair/zorna
def get_contributor_messages(request, member):
    allowed_objects = get_allowed_objects(
        request.user, Community, ['member', 'manage'])
    # messages =
    # MessageCommunity.objects.select_related().filter(Q(communities__in=allowed_objects)
    # & (Q(owner=member)|Q(messagecommunity__owner=member)))
    messages = MessageCommunity.objects.select_related().filter(Q(communities__in=allowed_objects) & (
        Q(owner=member, reply__isnull=True) | Q(messagecommunity__owner=member)))
    return messages
Esempio n. 12
0
def manager_list_faqs(request):
    aom = get_allowed_objects(request.user, Faq, 'manager')
    aoc = get_allowed_objects(request.user, Faq, 'reader')
    allowed_objects = list(set(aom) | set(aoc))
    if len(allowed_objects) == 0:
        return HttpResponseRedirect('/')
    ob_list = Faq.objects.filter(pk__in=allowed_objects)
    for ob in ob_list:
        if ob.pk in aom:
            ob.manager = True
        else:
            ob.manager = False
    extra_context = {}
    extra_context['faq_list'] = ob_list
    context = RequestContext(request)
    return render_to_response('faq/manager_list_faqs.html',
                              extra_context,
                              context_instance=context)
Esempio n. 13
0
def alerts(request):
    from zorna.site.models import SiteAlert
    ao = get_allowed_objects(request.user, SiteAlert, 'viewer')
    alerts = SiteAlert.objects.filter(
        pk__in=ao, start__lte=datetime.datetime.now(), end__gte=datetime.datetime.now())
    context_extras = {}
    context_extras['ALERTS'] = alerts

    return context_extras
Esempio n. 14
0
File: api.py Progetto: somair/zorna
def get_message_by_id(request, message_id):
    allowed_objects = get_allowed_objects(
        request.user, Community, ['member', 'manage'])
    if request.user.is_authenticated():
        messages = MessageCommunity.objects.select_related().filter(Q(communities__in=allowed_objects) | Q(
            users=request.user) | Q(owner=request.user), reply__isnull=True, pk=message_id)
    else:
        messages = MessageCommunity.objects.select_related().filter(Q(
            communities__in=allowed_objects), reply__isnull=True, pk=message_id)
    return messages
Esempio n. 15
0
 def render(self, context):
     request = context['request']
     allowed_objects = get_allowed_objects(
         request.user, ArticleCategory, self.permission)
     object = self.object.resolve(context)
     categories = object.get_children().filter(id__in=allowed_objects)
     for cat in categories:
         cat.url = cat.get_url_path()
     context[self.var_name] = categories
     return ''
Esempio n. 16
0
def writer_stories_list(request):
    q = request.GET.get('q', None)
    aom = get_allowed_objects(
            request.user, ArticleCategory, 'manager')
    aow = get_allowed_objects(
            request.user, ArticleCategory, 'writer')
    if q:
        ob_list = ArticleStory.objects.filter(Q(title__icontains=q) & (Q(owner=request.user) | Q(categories__in=aom))).annotate(
        Count('categories')).order_by('-time_updated')
    else:
        ob_list = ArticleStory.objects.filter(Q(owner=request.user) | Q(categories__in=aom)).annotate(
        Count('categories')).order_by('-time_updated')
    extra_context = {}
    context = RequestContext(request)
    if ob_list or aow:
        extra_context['stories_list'] = ob_list
        return render_to_response('articles/writer_stories_list.html', extra_context, context_instance=context)

    return HttpResponseForbidden()
Esempio n. 17
0
 def render(self, context):
     request = context['request']
     allowed_objects = get_allowed_objects(
         request.user, ArticleCategory, self.permission)
     categories = ArticleCategory.objects.filter(
         parent__isnull=True, id__in=allowed_objects)
     for cat in categories:
         cat.url = cat.get_url_path()
     context[self.var_name] = categories
     return ''
Esempio n. 18
0
def isUserManager(request, slug):
    try:
        fw = FormsWorkspace.objects.get(slug=slug)
        ao = get_allowed_objects(request.user, FormsWorkspace, 'manager')
        if fw.pk in ao:
            return fw
        else:
            return False
    except:
        return False
Esempio n. 19
0
File: api.py Progetto: somair/zorna
def isUserManager(request, slug):
    try:
        fw = FormsWorkspace.objects.get(slug=slug)
        ao = get_allowed_objects(request.user, FormsWorkspace, 'manager')
        if fw.pk in ao:
            return fw
        else:
            return False
    except:
        return False
Esempio n. 20
0
    def get_edit_url(self, user):
        if self.owner == user:
            return reverse('edit_story', args=[self.pk])
        allowed_objects = get_allowed_objects(
                user, ArticleCategory, 'manager')
        intersect = set(allowed_objects).intersection( set([category.pk for category in self.categories.all()]))
        if intersect:
            return reverse('edit_story', args=[self.pk])

        return None
Esempio n. 21
0
def notes_get_content(request, extra={}, category=None):
    if request.user.is_authenticated():
        extra_context = dict(**extra)
        extra_context['category'] = category
        extra_context['search_text'] = request.GET.get('search_text', '')
        extra_context['search_tag'] = request.GET.get('search_tag', '')
        if category:
            try:
                category = ZornaNoteCategory.objects.get(pk=category)
                check = get_acl_for_model(ZornaNoteCategory)
                extra_context['owner'] = category.owner == request.user
                if extra_context['owner'] or check.viewer_zornanotecategory(category, request.user):
                    extra_context['category'] = category
                    extra_context[
                        'category_ancestors'] = category.get_ancestors()
                    notes = category.zornanote_set.all()
                    if extra_context['search_text']:
                        notes = notes.filter(Q(title__icontains=extra_context[
                                             'search_text']) | Q(content__icontains=extra_context['search_text']))
                    if extra_context['search_tag']:
                        notes = notes.filter(Q(
                            tags__icontains=extra_context['search_tag']))
                    for n in notes:
                        n.attachments = []
                        for f in n.zornanotefile_set.all():
                            n.attachments.append({'file_name': os.path.basename(
                                f.file.name), 'pk': f.pk})
                    extra_context['notes'] = notes
            except Exception as e:
                return '%s' % e
        else:
            ob = get_allowed_objects(request.user, ZornaNoteCategory, 'viewer')
            extra_context['owner'] = False
            extra_context['category'] = None
            extra_context['category_ancestors'] = []
            notes = ZornaNote.objects.filter(Q(
                owner=request.user) | Q(category__in=ob))
            if extra_context['search_text']:
                notes = notes.filter(Q(title__icontains=extra_context[
                                     'search_text']) | Q(content__icontains=extra_context['search_text']))
            if extra_context['search_tag']:
                notes = notes.filter(Q(
                    tags__icontains=extra_context['search_tag']))
            for n in notes:
                n.attachments = []
                for f in n.zornanotefile_set.all():
                    n.attachments.append({'file_name': os.path.basename(
                        f.file.name), 'pk': f.pk})
            extra_context['notes'] = notes

        t = loader.get_template('notes/notes_view_notes.html')
        c = RequestContext(request, extra_context)
        return t.render(c)
    else:
        return 'Access denied'
Esempio n. 22
0
 def render(self, context):
     request = context['request']
     try:
         ct = ContentType.objects.get(
             app_label=self.app_name, model=self.model)
         ob = get_allowed_objects(
             request.user, ct.model_class(), self.permission)
         context[self.var_name] = ob
     except:
         pass
     return ''
Esempio n. 23
0
 def render(self, context):
     request = context['request']
     try:
         ct = ContentType.objects.get(app_label=self.app_name,
                                      model=self.model)
         ob = get_allowed_objects(request.user, ct.model_class(),
                                  self.permission)
         context[self.var_name] = ob
     except:
         pass
     return ''
Esempio n. 24
0
 def render(self, context):
     request = context['request']
     check = get_acl_for_model(Community)
     allowed_objects = get_allowed_objects(request.user, Community,
                                           'member')
     communities = Community.objects.filter(
         id__in=allowed_objects).order_by('name')
     for com in communities:
         com.manager = check.manage_community(com, request.user)
         com.member = True
     context[self.var_name] = communities
     return ''
Esempio n. 25
0
 def render(self, context):
     request = context['request']
     check = get_acl_for_model(Community)
     allowed_objects = get_allowed_objects(
         request.user, Community, 'member')
     communities = Community.objects.filter(
         id__in=allowed_objects).order_by('name')
     for com in communities:
         com.manager = check.manage_community(com, request.user)
         com.member = True
     context[self.var_name] = communities
     return ''
Esempio n. 26
0
    def render(self, context):
        request = context['request']
        s = self.story.resolve(context)
        allowed_objects = get_allowed_objects(
            request.user, ArticleCategory, 'reader')
        mao = get_allowed_objects(
            request.user, ArticleCategory, 'manager')
        stories = ArticleStory.objects.select_related().filter(
            categories__in=allowed_objects, pk=int(s))

        if stories:
            story = stories[0]
            story.current_categories = story.categories.all()
            story.current_category = story.current_categories[0]
            story.url = reverse('view_story', args=[story.current_category.pk, story.pk, story.slug])
            intersect = set(mao).intersection( set([category.pk for category in story.current_categories]))
            if intersect:
                story.edit__url = reverse('edit_story', args=[story.pk])
            context[self.var_name] = story
        else:
            context[self.var_name] = None
        return ''
Esempio n. 27
0
 def render(self, context):
     request = context['request']
     events_list = []
     try:
         resource = ZornaResourceCalendar.objects.get(pk=self.cal_id)
         calendar = get_resource_calendar(resource)
         ao = get_allowed_objects(request.user, type(calendar), 'viewer')
         if calendar.pk in ao:
             events_list = get_events_for_object(
                 resource, self.start_date, self.end_date)
     except:
         pass
     context[self.var_name] = events_list
     return ''
Esempio n. 28
0
def get_menu_children(request, menu):
    ao_articles = get_allowed_objects(request.user, ArticleCategory, 'reader')
    ao_faqs = get_allowed_objects(request.user, Faq, 'reader')
    ao_forms_sub = get_allowed_objects(request.user, FormsForm, 'creator')
    ao_forms_list = get_allowed_objects(request.user, FormsForm, 'viewer')
    ct_articles = ContentType.objects.get(model='articlecategory')
    ct_faqs = ContentType.objects.get(model='faq')
    ct_forms = ContentType.objects.get(model='formsform')
    children = menu.get_children().filter(Q(object_id__in=ao_articles, content_type=ct_articles) |
                                          Q(object_id__in=ao_faqs, content_type=ct_faqs) |
                                          Q(object_id__in=ao_forms_sub, content_type=ct_forms) |
                                          Q(object_id__in=ao_forms_list, content_type=ct_forms) |
                                          Q(object_id__isnull=True))
    for child in children:
        if child.object_id and child.content_type == ct_articles:
            child.url = child.content_object.get_url_path()
        elif child.object_id and child.content_type == ct_faqs:
            child.url = child.content_object.get_url_path()
        elif child.object_id and child.content_type == ct_forms:
            if child.extra_info == 'submission':
                child.url = child.content_object.get_url_path()
            else:
                child.url = child.content_object.get_url_browse_path()
    return children
Esempio n. 29
0
File: api.py Progetto: somair/zorna
def is_manager_by_message(user, message):
    baccess = False
    allowed_objects = get_allowed_objects(user, Community, 'manage')
    c = Community.objects.filter(
        messagecommunity__pk=message, pk__in=allowed_objects)
    if c:
        baccess = True
    elif user.is_authenticated():
        # is this message owned by current user?
        try:
            MessageCommunity.objects.get(pk=message, owner=user)
            baccess = True
        except MessageCommunity.DoesNotExist:
            baccess = False
    return baccess
Esempio n. 30
0
 def render(self, context):
     request = context['request']
     s = self.story.resolve(context)
     allowed_objects = get_allowed_objects(
         request.user, ArticleCategory, 'reader')
     stories = ArticleStory.objects.select_related().filter(
         categories__in=allowed_objects, pk=s.pk)
     attachments = s.articleattachments_set.all()
     for f in attachments:
         f.file_name = os.path.basename(f.attached_file.name)
         f.file_url = reverse('get_story_file', args=[f.pk])
     if stories:
         context[self.var_name] = attachments
     else:
         context[self.var_name] = None
     return ''
Esempio n. 31
0
File: views.py Progetto: kamni/zorna
def dirlist_communities_folders(request):
    r = ['<ul class="jqueryFileTree" style="display: none;">']
    ppath = request.GET.get('dir', '')
    ppath = urllib.unquote(ppath.rstrip('/'))
    path = clean_path(ppath)
    if path != ppath:
        path = ''
    if path:
        buser, bmanager = get_user_access_to_path(request.user, path)
        if buser:
            ret = get_sub_folders(path)
        else:
            ret = []
    else:
        ppath = request.GET.get('path', None)
        if ppath:
            ppath = urllib.unquote(ppath.rstrip('/'))
            folder_dest = clean_path(ppath)
            buser, bmanager = get_user_access_to_path(
                request.user, folder_dest)
            if buser:
                ret = get_sub_folders(folder_dest, request.user)
            else:
                ret = []
        else:
            allowed_objects = set([])
            for perm in ['member', 'manage']:
                objects = get_allowed_objects(request.user, Community, perm)
                allowed_objects = allowed_objects.union(set(objects))
            root_path = get_upload_library()
            ret = []
            com = Community.objects.filter(
                pk__in=allowed_objects, enable_documents=True)
            for c in com:
                path = u"C%s" % c.pk
                fullpath = u"%s/%s" % (root_path, path)
                if not os.path.isdir(fullpath):
                    os.makedirs(fullpath)
                pathx = c.name
                ret.append({'name': pathx, 'rel': path})

    for d in ret:
        r.append(
            '<li class="directory collapsed"><a href="#" rel="%s/" title="%s/">%s</a></li>' %
            (d['rel'], d['rel'], d['name']))
    r.append('</ul>')
    return HttpResponse(''.join(r))
Esempio n. 32
0
def dirlist_communities_folders(request):
    r = ['<ul class="jqueryFileTree" style="display: none;">']
    ppath = request.GET.get('dir', '')
    ppath = urllib.unquote(ppath.rstrip('/'))
    path = clean_path(ppath)
    if path != ppath:
        path = ''
    if path:
        buser, bmanager = get_user_access_to_path(request.user, path)
        if buser:
            ret = get_sub_folders(path)
        else:
            ret = []
    else:
        ppath = request.GET.get('path', None)
        if ppath:
            ppath = urllib.unquote(ppath.rstrip('/'))
            folder_dest = clean_path(ppath)
            buser, bmanager = get_user_access_to_path(
                request.user, folder_dest)
            if buser:
                ret = get_sub_folders(folder_dest, request.user)
            else:
                ret = []
        else:
            allowed_objects = set([])
            for perm in ['member', 'manage']:
                objects = get_allowed_objects(request.user, Community, perm)
                allowed_objects = allowed_objects.union(set(objects))
            root_path = get_upload_library()
            ret = []
            com = Community.objects.filter(
                pk__in=allowed_objects, enable_documents=True)
            for c in com:
                path = u"C%s" % c.pk
                fullpath = u"%s/%s" % (root_path, path)
                if not os.path.isdir(fullpath):
                    os.makedirs(fullpath)
                pathx = c.name
                ret.append({'name': pathx, 'rel': path})

    for d in ret:
        r.append(
            '<li class="directory collapsed"><a href="#" rel="%s/" title="%s/">%s</a></li>' %
            (d['rel'], d['rel'], d['name']))
    r.append('</ul>')
    return HttpResponse(''.join(r))
Esempio n. 33
0
File: api.py Progetto: kamni/zorna
def recent_files(request, what, limit):

    roots = []
    if what == "all" or what == "personal":
        bpersonal = SiteOptions.objects.is_access_valid(request.user, "zorna_personal_documents")
        if bpersonal:
            roots.extend(["U%s" % request.user.pk])
    if what == "all" or what == "shared":
        aof = get_allowed_shared_folders(request.user, ["writer", "reader", "manager"])
        roots.extend(["F%s" % f for f in aof])
        for f in aof:
            for d in ZornaFolder.objects.get(pk=f).get_descendants().exclude(inherit_permissions=False):
                roots.append("F%s" % d.pk)
    if what == "all" or what == "communities":
        aof = get_allowed_objects(request.user, Community, ["manage", "member"])
        roots.extend(["C%s" % f for f in aof])

    return recent_files_folders(request, roots, limit)
Esempio n. 34
0
File: api.py Progetto: somair/zorna
def get_user_calendars(user, permissions=['viewer']):
    allowed_objects = set([])
    for perm in permissions:
        objects = get_allowed_objects(user, ZornaCalendar, perm)
        allowed_objects = allowed_objects.union(set(objects))
    b_personal_calendar = SiteOptions.objects.is_access_valid(
        user, 'zorna_personal_calendar')
    if b_personal_calendar:
        pcal = get_personal_calendar(User.objects.get(pk=user.pk))
        allowed_objects.update([pcal.pk])

    communities = get_communities(user)
    for com in communities:
        if com.enable_calendar:
            cal = com.get_calendar()
            allowed_objects.update([cal.pk])

    allowed_objects = ZornaCalendar.objects.filter(pk__in=allowed_objects)
    return allowed_objects
Esempio n. 35
0
File: api.py Progetto: somair/zorna
def get_messages_by_content_type(request, ct, community_id=0):
    allowed_objects = get_allowed_objects(
        request.user, Community, ['member', 'manage'])
    if request.user.is_authenticated():
        if community_id and int(community_id) in allowed_objects:
            messages = MessageCommunity.objects.select_related().filter(Q(communities=community_id) | Q(
                users=request.user) | Q(owner=request.user), messagecommunityextra__content_type=ct)
        else:
            messages = MessageCommunity.objects.select_related().filter(Q(communities__in=allowed_objects) | Q(
                users=request.user) | Q(owner=request.user), messagecommunityextra__content_type=ct)
    else:
        if community_id and int(community_id) in allowed_objects:
            messages = MessageCommunity.objects.select_related().filter(Q(
                communities=community_id), messagecommunityextra__content_type=ct)
        else:
            messages = MessageCommunity.objects.select_related().filter(Q(
                communities__in=allowed_objects), messagecommunityextra__content_type=ct)

    return messages.distinct()
Esempio n. 36
0
    def render(self, context):
        request = context['request']
        try:
            menu_item = self.menu_item.resolve(context)
        except:
            menu_item = self.menu_item

        try:
            mi = ZornaMenuItem.objects.get(slug=menu_item)
        except ZornaMenuItem.DoesNotExist:
            return ''
        ao_articles = get_allowed_objects(
            request.user, ArticleCategory, 'reader')
        if mi.object_id and mi.content_type == ContentType.objects.get(model='ArticleCategory'):
            if not mi.object_id in ao_articles:
                return ''
        mi.menu_children = get_menu_children(request, mi)
        context[self.var_name] = mi
        return ''
Esempio n. 37
0
    def render(self, context):
        request = context['request']
        try:
            menu_item = self.menu_item.resolve(context)
        except:
            menu_item = self.menu_item

        try:
            mi = ZornaMenuItem.objects.get(slug=menu_item)
        except ZornaMenuItem.DoesNotExist:
            return ''
        ao_articles = get_allowed_objects(request.user, ArticleCategory,
                                          'reader')
        if mi.object_id and mi.content_type == ContentType.objects.get(
                model='ArticleCategory'):
            if not mi.object_id in ao_articles:
                return ''
        mi.menu_children = get_menu_children(request, mi)
        context[self.var_name] = mi
        return ''
Esempio n. 38
0
def get_story_file(request, file_id):
    try:
        file = ArticleAttachments.objects.get(pk=file_id)
        story = file.article
        allowed_objects = get_allowed_objects(
            request.user, ArticleCategory, 'reader')
        al = story.categories.filter(pk__in=allowed_objects)
        if len(al) == 0:
            return HttpResponseForbidden()
    except:
        return HttpResponseForbidden()

    path = "%s/%s" % (get_upload_articles_files(), file.attached_file.name)
    fp = open(path, 'rb')
    content_type = file.mimetype
    response = HttpResponse(fp.read(), content_type=content_type)
    response['Content-Length'] = os.path.getsize(path)
    response['Content-Disposition'] = "attachment; filename=%s" % os.path.basename(
        file.attached_file.name)
    return response
Esempio n. 39
0
def get_allowed_folders(request, what='all'):

    roots = []
    if what == 'all' or what == 'personal':
        bpersonal = SiteOptions.objects.is_access_valid(
            request.user, 'zorna_personal_documents')
        if bpersonal:
            roots.extend(['U%s' % request.user.pk])
    if what == 'all' or what == 'shared':
        aof = get_allowed_shared_folders(
            request.user, ['writer', 'reader', 'manager'])
        roots.extend(['F%s' % f for f in aof])
        for f in aof:
            for d in ZornaFolder.objects.get(pk=f).get_descendants().exclude(inherit_permissions=False):
                roots.append('F%s' % d.pk)
    if what == 'all' or what == 'communities':
        aof = get_allowed_objects(
            request.user, Community, ['manage', 'member'])
        roots.extend(['C%s' % f for f in aof])

    return roots
Esempio n. 40
0
File: api.py Progetto: somair/zorna
def is_member_by_message(user, message):
    baccess = False
    allowed_objects = get_allowed_objects(user, Community, 'member')
    c = Community.objects.filter(
        messagecommunity__pk=message, pk__in=allowed_objects)
    if c:
        baccess = True
    elif user.is_authenticated():
        # is this message is sent to current user?
        # u =
        # User.objects.filter(Q(message_users__messagecommunity__pk=message,
        # pk=user.pk))
        l = MessageCommunity.objects.filter(users=user, pk=message)
        if l:
            baccess = True
        else:
            try:
                MessageCommunity.objects.get(pk=message, owner=user)
                baccess = True
            except MessageCommunity.DoesNotExist:
                pass
    return baccess
Esempio n. 41
0
def get_story_image(request, story, size=None):
    try:
        story = ArticleStory.objects.select_related().get(pk=story)
        allowed_objects = get_allowed_objects(
            request.user, ArticleCategory, 'reader')
        al = story.categories.filter(pk__in=allowed_objects)
        if len(al) == 0:
            return HttpResponseRedirect('/')
    except:
        return HttpResponseRedirect('/')

    path = u"%s/%s" % (get_upload_articles_images(), story.image)
    if size:
        miniature = resize_image(story.image.path, size)
        split = path.rsplit('/', 1)
        path = '%s/%s' % (split[0], miniature)

    try:
        image_data = open(path, "rb").read()
        return HttpResponse(image_data, mimetype=story.mimetype)
    except:
        return HttpResponse('')
Esempio n. 42
0
def get_allowed_folders(request, what='all'):

    roots = []
    if what == 'all' or what == 'personal':
        bpersonal = SiteOptions.objects.is_access_valid(
            request.user, 'zorna_personal_documents')
        if bpersonal:
            roots.extend(['U%s' % request.user.pk])
    if what == 'all' or what == 'shared':
        aof = get_allowed_shared_folders(request.user,
                                         ['writer', 'reader', 'manager'])
        roots.extend(['F%s' % f for f in aof])
        for f in aof:
            for d in ZornaFolder.objects.get(pk=f).get_descendants().exclude(
                    inherit_permissions=False):
                roots.append('F%s' % d.pk)
    if what == 'all' or what == 'communities':
        aof = get_allowed_objects(request.user, Community,
                                  ['manage', 'member'])
        roots.extend(['C%s' % f for f in aof])

    return roots